‘Honey Trap’ Sites Recruiting Israeli Spies

Websites are offering work to Iranians and Iranian proxies in Syria and Lebanon as spies for Israel and these offers are believed to be a counter-intelligence effort driven by Iran's security services.

Investigators at online news website, The Daily Beast, have found the sites as part of an investigation into a series of apparent phishing websites that spoofed think tanks and news organisations focused on the Middle East and national security.  Those sites include domains meant to trick users into believing they were associated with prestigious news outlets across the Middle East.

At least 16 sites were identified using the same proposition, phrasing, logos, phone numbers to lure people working in sensitive security jobs in the Hezbollah terror group in Palestine, the Assad regime in Syria, or in Iran itself. Neither the cyber security firm Mandiant, nor Google or Facebook, where the sites had accounts, were able to identify who lies behind the phishing domains.

The recruiting sites have surfaced and disappeared over a four-year period, targeting users in Iran, Syria, and Lebanon through Google Ads.

Displaying a picture of the Israeli flag and a contact number with an Israeli country code, a website called 'VIP Human Solutions’  advertises itself as the “VIP center for recruitment of the most distinguished in the military and security services of Syria and Hezbollah in Lebanon” that “specialises in research and consultancies in the studies of security and political science in all corners of the world." The Human Solutions’ site promises rapid hiring decisions and big salaries.

Security researchers suspect the intelligence job sites are part of an Iranian counter intelligence effort and say that certain that  these websites are fake and have no  connection to Israel’s genuine  spy services.

The Israel Defence Force (IDF) has previously uncovered a scam by Hamas militants to spy on its soldiers by hacking their mobile phones after posing as women on social media. Members of the Palestinian group found the soldiers online, then tried to strike up a friendship using the fake identities and dozens of IDF soldiers were persuaded to install an application that controlled their phone cameras and microphones.

The Israeli National Cyber Directorate has issued a general warning to Israeli businesses to be aware of potential cyber attacks, as the country faced an uptick in hacking attempts. In December last year, Israeli cyber security firm Check Point said that a hacking group identified with the Iranian regime was aiming to attack Israeli targets.

Daily Beast:     Times of Israel:     Media Line:      BBC

You Might Also Read:

Israel & Iran Locked In Cyber Conflict:

 

« Ransomware Attack On French Ministry of Justice
Britain's Cyber Security Strategy Focuses On Resilience »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

CERT.br

CERT.br

The Brazilian national Computer Emergency Response Team

CERT.BY

CERT.BY

The National Computer Emergency Response Team of the Republic of Belarus.

AXA XL

AXA XL

AXA XL is the P&C and Specialty Risk Division of AXA. Professional insurance products include Cyber Insurance.

SoSafe

SoSafe

SoSafe empowers organizations to build a security culture and mitigate risk with its GDPR-compliant awareness programs.

ThreatSwitch

ThreatSwitch

ThreatSwitch a software platform for cleared federal contractors to get and stay compliant with NISPOM and Conforming Change 2.

Stanley Reid & Company (SRC)

Stanley Reid & Company (SRC)

Stanley Reid & Co is an Executive and Technical Search Firm serving the commercial market and the US Intelligence & Defense community. Our areas of expertise include Cybersecurity.

Audea

Audea

Audea is a consultancy firm specialising in cybersecurity, risk and compliance. We provide professional services addressing all areas of Cybersecurity and GRC.

Mandiant

Mandiant

Mandiant deliver dynamic cyber defense solutions powered by industry-leading expertise, intelligence and innovative technology.

Input Output (IOHK)

Input Output (IOHK)

IOHK is one of the world's pre-eminent blockchain infrastructure research and engineering companies.

eGyanamTech (EGT)

eGyanamTech (EGT)

eGyanamTech provides robust security solutions tailored for Operational Technology (OT) and Supervisory Control and Data Acquisition (SCADA) systems used in critical infrastructure systems.

Cakewalk

Cakewalk

Cakewalk is the new standard in easy Access Control. Trusted by IT & Security teams. Loved by employees.

itm8

itm8

itm8 is a Nordic digital transformation partner offering a wide range of services in IT operations and Cloud Services, Digital Transformation, Application Services, ERP, and Cyber Security.

Halo Security

Halo Security

Halo Security is a fast, easy, and scalable external attack surface management platform that gives security leaders deep visibility into their internet-facing assets.

SeQure

SeQure

SeQure is a novel cybersecurity and data observability company that offers Fortune 100 and Governments a zero-trust service to continuously monitor large network environments.

Cyber Nations

Cyber Nations

Cyber Nations is a global program designed to engage 100,000 African, Caribbean and Canadian learners to be trained in cybersecurity with a path to employment.

Cyberus

Cyberus

Cyberus brings together industry, business, and government to collaboratively create a secure digital future for Russia and the world.